<?php

session_cache_expire(999999999);
if (!isset($_SESSION)) {
    session_start();
}
ob_start();

$lang = $_SESSION['lang'];
if (empty($lang) || $lang == "EN") {
    $value = "value/value_en.php";
} else if ($lang == "VN") {
    $value = "value/value_vn.php";
} else {
    $value = "value/value_kr.php";
}
include($value);

include 'operations/connection.php';

function approve($idGroup, $idEmployee, $comment) {

    $db = mysql_query("SELECT l.IDStatus,a.IDStatus as trangthai FROM listapprove l,approvedoc a WHERE l.IDEmployee ='$idEmployee'  AND l.IDGroupApprove = '$idGroup' AND a.IDGroupApprove=l.IDGroupApprove;");
    while ($r = mysql_fetch_array($db)) {
        if ($r[IDStatus] == 2) {
            $id = 0;
            $query = mysql_query("SELECT l.Order FROM listapprove l  WHERE l.IDEmployee ='$idEmployee'  AND l.IDGroupApprove = '$idGroup';");
            while ($row = mysql_fetch_array($query)) {
                $id = $row[Order];
                mysql_query("UPDATE listapprove SET IDStatus=1,DateApprove=NOW(),Description='$comment'
								 WHERE IDEmployee=$idEmployee
								 AND IDGroupApprove = $idGroup");

                mysql_query("UPDATE list_reference SET id_status='2'
								 WHERE id_manager=$idEmployee
								 AND id_group = $idGroup");
            }
            $id = $id + 1;
            $pending = 0;
            $query = mysql_query("SELECT listapprove.IDStatus FROM listapprove,approvedoc
						 	WHERE listapprove.IDGroupApprove = approvedoc.IDGroupApprove
							AND listapprove.IDGroupApprove = $idGroup");
            while ($row = mysql_fetch_array($query)) {
                if ($row[IDStatus] == 4)
                    $pending++;
            }
            if ($pending == 0) {
                mysql_query("UPDATE approvedoc SET IDStatus=1 WHERE IDGroupApprove = $idGroup");
                updateDateApprove($idGroup);
            } else {
                mysql_query("UPDATE listapprove SET IDStatus=2 WHERE listapprove.IDGroupApprove=$idGroup
					AND listapprove.Order=$id");
            }

            $idapprovedoc = "none";
            $employee_id = "none";
            $db = mysql_query("SELECT a.IDApproveDoc,l.IDEmployee 
									 FROM listapprove l,approvedoc a 
									 WHERE l.IDGroupApprove=a.IDGroupApprove AND l.IDGroupApprove='$idGroup' AND l.IDStatus=2;");

            while ($row = mysql_fetch_array($db)) {
                $idapprovedoc = $row[IDApproveDoc];
                $employee_id = $row[IDEmployee];
            }
            // send mail
            $addressbrowser = $_SERVER['SERVER_NAME'];
            $temp = explode(".", $addressbrowser);
            $lang = $_SESSION['lang'];
            if ($lang == '') {
                $lang = 'EN';
                $_SESSION['lang'] = "EN";
            }
            include 'operations/connection.php';

            mysql_select_db("elihan", $connection);

            $sql = "INSERT INTO sendingmail (idgroupapprove,id_approvedoc,id_employee,company,lang,co,id_employee_last) VALUES ('$idGroup', '$idapprovedoc','$employee_id', '$temp[0]', '$lang','1','$idEmployee')";
            mysql_query($sql);

            //set POST variables
            /*
              $addressbrowser = $_SERVER['SERVER_NAME'];
              $temp = explode(".", $addressbrowser);
              $lang=$_SESSION['lang'];
              if($lang==''){
              $lang='EN';
              $_SESSION['lang']="EN";
              }

              $url = 'http://1.234.53.52/mail/index.php';
              $fields = array(
              'idgroupapprove' => urlencode($idGroup),
              'id_approvedoc' => urlencode($idapprovedoc),
              'id_employee' => urlencode($employee_id),
              'company' => urlencode($temp[0]),
              'lang' => urlencode($lang),
              'co' => 1,
              'id_employee_last' => urlencode($idEmployee)
              );

              //url-ify the data for the POST
              foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
              rtrim($fields_string, '&');

              //open connection
              $ch = curl_init();

              //set the url, number of POST vars, POST data
              curl_setopt($ch,CURLOPT_URL, $url);
              curl_setopt($ch,CURLOPT_POST, count($fields));
              curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);

              //execute post
              $result = curl_exec($ch);

              //close connection
              curl_close($ch);

             */
        } else if ($r[IDStatus] == 3) {
            echo "<script>
						alert('" . $l_thongbao2 . "');
					</script>";
        } else if ($r[IDStatus] == 1) {
            echo "<script>
						alert('" . $l_thongbao3 . "');
					</script>";
        }
    }

    if (isset($_REQUEST['page']))
        header("Location: received-list-receiver-not-approved-content&page=" . $_REQUEST['page']);
    else
        header("Location: received-list-receiver-not-approved-content");
}

function updateDocument($idGroup, $id) {
    
}

function updateDateApprove($idGroup) {
    mysql_query("UPDATE approvedoc SET TimeApprove = NOW() WHERE IDGroupApprove=$idGroup");
}

function reject($idGroup, $idEmployee, $comment) {
    $db = mysql_query("SELECT l.IDStatus,a.IDStatus as trangthai FROM listapprove l,approvedoc a WHERE l.IDEmployee ='$idEmployee'  AND l.IDGroupApprove = '$idGroup' AND a.IDGroupApprove=l.IDGroupApprove;");
    while ($r = mysql_fetch_array($db)) {
        if ($r[IDStatus] == 2) {
            mysql_query("UPDATE listapprove SET IDStatus=3,DateApprove=NOW(),Description='$comment' 
								WHERE IDEmployee = $idEmployee
								AND IDGroupApprove = $idGroup");
            mysql_query("UPDATE list_reference SET id_status='2'
								 WHERE id_manager=$idEmployee
								 AND id_group = $idGroup");
            mysql_query("UPDATE approvedoc SET IDStatus=3 WHERE IDGroupApprove = $idGroup");
            updateDateApprove($idGroup);
        } else if ($r[IDStatus] == 3) {
            echo "<script>
						alert('" . $l_thongbao2 . "');
					</script>";
        } else if ($r[IDStatus] == 1) {
            echo "<script>
						alert('" . $l_thongbao3 . "');
					</script>";
        }
    }
    header("Location: received-list-receiver-not-approved-content&page=" . $_REQUEST['page']);
}

function viewReference($idGroup, $idEmployee, $comment) {
    mysql_query("update list_reference set id_status = 1 WHERE id_group=$idGroup AND id_employee=$idEmployee");

    if (isset($_REQUEST['page']))
        header("Location: received-list-receiver-reference-waiting-content&page=" . $_REQUEST['page']);
    else
        header("Location: received-list-receiver-reference-waiting-content");
}

if (isset($_REQUEST['Approve'])) {
    //$_SESSION['s']=(string)(microtime(true)*1000); 
    $comment = $_REQUEST['textarea'];
    approve($_SESSION['idGroup'], $_SESSION['id_employee'], $comment);
}
if (isset($_REQUEST['Reject'])) {
    $comment = $_REQUEST['textarea'];
    reject($_SESSION['idGroup'], $_SESSION['id_employee'], $comment);
}
if (isset($_REQUEST['Accept'])) {
    $comment = $_REQUEST['textarea'];
    viewReference($_SESSION['idGroup'], $_SESSION['id_employee'], $comment);
}
if (isset($_REQUEST['Delete'])) {
    if ($_REQUEST['type'] == 11) {
        if ($_SESSION['action'] == "my_meeting_sending") {
            $sql = "delete FROM listapprove where IDGroupApprove='" . $_SESSION['idGroup'] . "'";
            mysql_query($sql);

            $sql = "delete FROM list_reference where id_group='" . $_SESSION['idGroup'] . "'";
            mysql_query($sql);

            $sql = "DELETE FROM approvedoc WHERE IDApproveDoc = '" . $_REQUEST['id'] . "'";
            mysql_query($sql);

            if (isset($_REQUEST['page']))
                header("Location: mydocument-list-mydocument-meeting-sending-content&page=" . $_REQUEST['page']);
            else
                header("Location: mydocument-list-mydocument-meeting-sending-content");
        }
    }else {
        $id = $_REQUEST['id'];
        mysql_query("UPDATE approvedoc SET IDStatus=6 WHERE (IDApproveDoc='$id')");
        $daction = $_SESSION['action'];
        if ($daction == "my_sending") {
            if (isset($_REQUEST['page']))
                header("Location: mydocument-list-mydocument-sending-content&page=" . $_REQUEST['page']);
            else
                header("Location: mydocument-list-mydocument-meeting-sending-content");
        }else {
            if (isset($_REQUEST['page']))
                header("Location: mydocument-list-mydocument-declined-content&page=" . $_REQUEST['page']);
            else
                header("Location: mydocument-list-mydocument-declined-content");
        }
    }
}

if (isset($_REQUEST['Edit'])) {
    $id = $_REQUEST['id'];
    $type = $_REQUEST['type'];
    $daction = $_SESSION['action'];
    $sql = "delete FROM listapprove where IDGroupApprove='" . $_SESSION['idGroup'] . "'";
    mysql_query($sql);
    $sql = "update approvedoc set IDGroupApprove = NULL,IDStatus = 4 where IDApproveDoc='" . $id . "'";
    mysql_query($sql);
    $sql = "DELETE FROM list_reference WHERE id_group = '" . $_SESSION['idGroup'] . "'";
    mysql_query($sql);
    header("Location: newform-" . $id . "&" . $type . "&" . $daction . "");
}

if (isset($_REQUEST['Restore'])) {
    if ($_SESSION['idGroup'] != "") {
        $sql = mysql_query("select IDStatus from listapprove where IDGroupApprove = '" . $_SESSION['idGroup'] . "'");
        echo "select IDStatus from listapprove where IDGroupApprove = '" . $_SESSION['idGroup'] . "'";
        $idstatus = 1;
        while ($row = mysql_fetch_array($sql)) {
            if ($row[0] == 2) {
                $idstatus = 2;
            } else if ($row[0] == 3) {
                $idstatus = 3;
            }
        }
        //echo $idstatus;
        $sql = "update approvedoc set IDStatus = " . $idstatus . " where IDGroupApprove ='" . $_SESSION['idGroup'] . "'";
        mysql_query($sql);
    } else {
        $sql = "update approvedoc set IDStatus =4 where IDApproveDoc ='" . $_REQUEST['id'] . "'";
        mysql_query($sql);
    }

    if (isset($_REQUEST['page']))
        header("Location: mybin-list-mybin-senddoc-content&page=" . $_REQUEST['page']);
    else
        header("Location: mybin-list-mybin-senddoc-content");
}
if (isset($_REQUEST['Forward'])) {
    echo "newform-" . $_REQUEST['id'] . "&" . $_REQUEST['type'] . "&forward";
    header("Location: newform-" . $_REQUEST['id'] . "&" . $_REQUEST['type'] . "&" . $_REQUEST['page'] . "&forward");
}

ob_flush();
?>